A decentralized cryptocurrency exchange has confirmed a hacker attack on one of its contracts, after users reported losses with the platform.
It all started on Monday (29), when a Twitter user leaked the information that the El Dorado Exchange had lost $580,000. Given the value in Real, the broker lost R$ 2.9 million.
The incident took at least 24 hours to get the brokerage to issue a statement to clients. But last Wednesday (31) the coup surfaced, confirming the invasion and theft of cryptocurrencies.
Cryptocurrency brokerage accused of forcing user liquidations during attack, hacker returned part of what he stole
The El Dorado Exchange, better known as EDE by traders operating on its platform, releases options with leverage of up to 50 times for trades. Thus, traders looking for the platform were using a risky exchange, which if successful could yield large profits.
And what was striking was that the person responsible for the invasion presented himself as an ethical hacker after the cyber attack. In a transaction over blockchain, he noted that EDE created a trading robot that liquidated its own users and accused the brokerage of manipulating the market.
New message reads: “The managers of Ede have created a bot to force the liquidation of any position of your choice whenever you want. Ask admins about it, see if they’re lying to you.
New message says:
“ede admins made a bot to force any position of their choice whenever they want. Ask the admins about it, see if they lie to you.”https://t.co/chZG714BZ7https://t.co/89EdZ39ejK
— Res (@resdegen) May 29, 2023
The team of Lunaray secwho conducted a recent audit of the company’s contract stated that the matter was not known.
Still, the hacker agreed to return most of the cryptocurrencies seized and benefited from $100,000 for finding the flaw in the contract.
Broker apologizes to users and says lessons have been learned
Apparently, the problem with EDE Finance, which operates on the BSC Chain network, originated from a careless smart contract implementation.
Thus, the new contract arrived in the operation of the platform with the error, which allowed the hacker to steal BRL 2.9 million in recent days. In a note from last Wednesday (31), El Dorado apologized for the incident it caused and admitted its mistakes to the community.
“Apologies for the recent ELP-1 incident. We admit our mistake in implementing an unverified contract. Lessons learned, we will be doing full audits for future releases. Team is committed to careful execution. Thank you for your understanding.”
Apologies for the recent ELP-1 incident.
We admit our mistake in implementing an unverified contract.
Lessons learned, we will conduct thorough audits for future launches.
Team is committed to careful execution.
Thank you for your understanding.
Read more: https://t.co/0l8aEEkm5x
— El Dorado Exchange (EDE) (@ede_finance) May 31, 2023
Since some of the resources have already returned to the project, the community is calmer. Still, the project continues to conduct audits on all of its smart contracts to prevent future incidents like this.
In an open letter to investors last Tuesday (30), the head of the brokerage said that after the attack, paranoia is taking over the team. The fear of new hacker attacks continues among the employees and he understands that the “contract bomb exploded in everyone’s face” is leaving traces.
The case shows that decentralized exchanges continue to take risks with smart contract implementations, which, if done carelessly, can pose significant risks.
Source: Live Coins
Barry Siefert is an accomplished journalist and author at The Nation View. He is known for his expertise in the field of cryptocurrency, and has written extensively on the topic. With a background in finance and economics, Barry has a deep understanding of the underlying technology and market forces that drive the crypto industry.